
Daily Tech Digest - December 01, 2017

US businesses lose around $37 billion each year due to unnecessary meetings, and the time lost and opportunity cost due to unproductive meetings can be compounded if there are unnecessary attendees. Project meetings are no different. Not every project management meeting is the same and the attendees required will vary, depending on the specific meeting. ... If 12 people average an hourly rate of $50 and attend a one-hour weekly meeting for 24 weeks, the cost to the project is $14,400. If only eight people needed to be in attendance, the cost would have been $9,600. The additional four attendees cost the project $4,800 over 24 weeks. This may not sound like a significant number to the bottom line of a project, but if this were to take place over 10 projects, the cost to a company would be almost $100,000. Importantly, this cost does not factor in the productivity lost due to the unnecessary attendance

Cyber threat intelligence (CTI) plays an important role in an organization’s defense-in-depth defense strategy, often being leveraged by other cyber security functions, such as security event monitoring, incident response and forensic investigations. To derive value from CTI, raw or processed data feeds must be analyzed and applied within the context of the organization to improve, among other capabilities, the ability to detect threats and respond to incidents. Visibility into the design and operating effectiveness of CTI processes can provide some assurance to management and potentially support funding requests for further investment in this area. Based on that premise, below are five areas to consider when conducting a review of your organization’s CTI capabilities.

In fast-paced, technology-driven businesses, quick-turnaround solutions like microservices often take precedence over “planned” integration. This strategy, although it provides better business value in the short term, creates unmanageable technical debt in the long run. As uncontrolled business debt erodes a business’s ability to grow further, uncontrolled technical debt erodes the IT department’s ability to fund future innovations. Although in many cases it’s the easiest approach to take, piecemeal achievements are short-lived. Soon, IT teams find themselves lost in a sea of fragmented software gizmos. Nevertheless, proving the value of a horizontal function such as Integration has become extremely challenging in the digital era.

U.S. Navy Commander Michael Widmann from the NATO Cooperative Cyber Defence Centre of Excellence said that NATO members are increasingly investing in cyber warfare methods to fight off and respond to attacks from state-sponsored hackers. “There’s a change in the [NATO] mindset to accept that computers, just like aircraft and ships, have an offensive capability,” he noted. Discussing the geopolitical implications of NATO switching from a defensive to an aggressive stance on hacking and its broader implications for businesses, Adi Dar, chief executive officer of Cyberbit Ltd., told SiliconANGLE that the move indicated that the age of cyberwarfare has begun. “The enemy is armed with new strategies, goals and capabilities, and we must rethink our approaches as we prepare our organizations and nations to meet these evolving challenges,” Dar said. A security vulnerability is likely to exist across multiple organizations of the same industry segment

“Organisations need to balance an understanding of the data landscape in the organisation with a wider knowledge of the day-to-day practices in the business, including the possible pitfalls. For example, if businesses do not have a record of data duplication or are unaware of staff copying data, data erasure requests won’t be conducted correctly.” According to Bunker, only through working with various departments that hold and process critical data to map storage locations and data flows can organisations create the necessary understanding. “Even when the information goes outside the organisation, this data is still your responsibility, so you need to know who you’ve shared it and through which communication channels so you can effectively execute a data erasure request. Deletion can then be carried out automatically leveraging technology, or manually,” he said.

Ideally, security executives should attend board meetings in the same way that a chief financial officer would. Failing that, they should at least be briefed by the board on the organization’s projects and should have a chance to respond with functional plans to support the company’s top priorities. When meeting with security leaders, directors should ask how their cybersecurity plan will help the company meet one or some of these objectives: revenue, cost, margin, customer satisfaction, employee efficiency, or strategy. While these terms are familiar to board members and business executives, security leaders may need guidance on how to frame their department’s duties in the context of business operations. ... Incorporating security in the early stages of product development results in safer, more secure offerings and can spare companies the expense, hassle, and potential public embarrassment that accompanies retrofitting security.

One of the biggest value adds for Alexa for Business is its conference room support. According to Vogels, users leveraging Alexa for conferences will no longer need conference IDs and they'll simply be able to say: "Alexa, start the meeting" to get it going. Additionally, Vogels said, Alexa can be used in the conference room to dim the lights or lower the blinds, find an open conference room, or order supplies. So far, it will integrate with products from Cisco, Polycom, and a few others. Alexa for Business will help at your desk as well by making calls on your behalf or scheduling meetings. Vogels said that Alexa for Business will integrate with Office 365 and Google's G Suite, and it will also support on-premises Exchange for business users to handle calendar scheduling and other processes.

Cryptocurrency is, admittedly, much smaller than the subprime bubble that popped a decade ago, which was roughly two orders of magnitude larger than bitcoin today. But bitcoin has shown, on several occasions, a persistent ability to defy detractors like me to grow an order of magnitude in less than 12 months; if it does so again, it will be three times larger than LTCM. LTCM on its own very nearly ruined the world in 1998. If we aren’t careful, this is the kind of market where a financial institution can get in serious trouble extremely quickly (imagine the damage a character like Nick Leeson or Kweku Adoboli could have done trading Bitcoin contracts – which are coming soon to both the CME and, reportedly, Nasdaq). We know that cryptocurrency marketing is writing checks the technology can’t cash; most of these systems are unusable as backbones for global finance. It is a matter of time before the punter on the street becomes as disillusioned as I, an irascible blockchain software entrepreneur, have become.

In the world of wireless, the term Wi-Fi is synonymous with wireless access, even though the term Wi-Fi itself (and the Wi-Fi Alliance) is a group dedicated to interoperability between different wireless LAN products and technologies. The standards themselves are part of the 802.11 family of standards, courtesy of the IEEE. With terms such as “802.11b” (pronounced “Eight-O-Two-Eleven-Bee”, ignore the “dot”) and “802.11ac”, the alphabet soup of standards that began in the late 1990s continues to see improvements in throughput and range as we race to the future to get faster network access. Along the way, improvements are being made by adopting new frequencies for wireless data delivery, as well as range improvements and reduced power consumption, to help support initiatives like “The Internet of Things” and virtual reality.

The report says: "While the capacity of each organization is different, it's important that anti-phishing programs stay as active as possible. This is particularly true when it comes to developing recognition and reporting of active threat models. As with susceptibility and reporting, resiliency is improving throughout major industries. Education is the exception. Possible reasons: tighter security budgets compared to other industries, lack of central control and typically open environments that encourage users to "bring your own device." In the first eight months of 2017, over 216,000 emails were reported as sent through phishing campaigns, 15 percent of which were deemed malicious -- the rest being only spam or non-malicious messages. In total, business email compromise (BEC) accounted for five percent of reported attacks in the same time period

Quote for the day:

"When data disproves a theory, a good scientist discards the theory and a poor one discards the data." -- Will Spencer